Use default interfaces for a more x3 gain in getting and setting headers

src/Antiforgery/src/Internal/DefaultAntiforgery.cs

@@ -266,7 +266,7 @@ private void SaveCookieTokenAndHeader(HttpContext httpContext, string cookieToke
                 // Adding X-Frame-Options header to prevent ClickJacking. See
                 // http://tools.ietf.org/html/draft-ietf-websec-x-frame-options-10
                 // for more information.
-                httpContext.Response.Headers[HeaderNames.XFrameOptions] = "SAMEORIGIN";
+                httpContext.Response.Headers.XFrameOptions = "SAMEORIGIN";
             }
         }
 
@@ -387,12 +387,12 @@ protected virtual void SetDoNotCacheHeaders(HttpContext httpContext)
                 if (!cacheControlHeaderValue.NoCache || !cacheControlHeaderValue.NoStore)
                 {
                     logWarning = true;
-                    responseHeaders[HeaderNames.CacheControl] = "no-cache, no-store";
+                    responseHeaders.CacheControl = "no-cache, no-store";
                 }
             }
             else
             {
-                responseHeaders[HeaderNames.CacheControl] = "no-cache, no-store";
+                responseHeaders.CacheControl = "no-cache, no-store";
             }
 
             if (responseHeaders.TryGetValue(HeaderNames.Pragma, out var pragmaHeader) && pragmaHeader.Count > 0)
@@ -401,12 +401,12 @@ protected virtual void SetDoNotCacheHeaders(HttpContext httpContext)
                 if (!string.Equals(pragmaHeader[0], "no-cache", StringComparison.OrdinalIgnoreCase))
                 {
                     logWarning = true;
-                    httpContext.Response.Headers[HeaderNames.Pragma] = "no-cache";
+                    httpContext.Response.Headers.Pragma = "no-cache";
                 }
             }
             else
             {
-                httpContext.Response.Headers[HeaderNames.Pragma] = "no-cache";
+                httpContext.Response.Headers.Pragma = "no-cache";
             }
 
             // Since antiforgery token generation is not very obvious to the end users (ex: MVC's form tag generates them

src/Antiforgery/test/DefaultAntiforgeryTest.cs

@@ -313,8 +313,8 @@ public void GetAndStoreTokens_ExistingValidCookieToken_NotOverriden_AndSetsDoNot
 
             Assert.NotNull(antiforgeryFeature);
             Assert.Equal(context.TestTokenSet.OldCookieToken, antiforgeryFeature.CookieToken);
-            Assert.Equal("no-cache, no-store", context.HttpContext.Response.Headers[HeaderNames.CacheControl]);
-            Assert.Equal("no-cache", context.HttpContext.Response.Headers[HeaderNames.Pragma]);
+            Assert.Equal("no-cache, no-store", context.HttpContext.Response.Headers.CacheControl);
+            Assert.Equal("no-cache", context.HttpContext.Response.Headers.Pragma);
         }
 
         [Fact]
@@ -328,7 +328,7 @@ public void GetAndStoreTokens_ExistingCachingHeaders_Overriden()
                 isOldCookieValid: true,
                 antiforgeryFeature: antiforgeryFeature);
             var antiforgery = GetAntiforgery(context);
-            context.HttpContext.Response.Headers["Cache-Control"] = "public";
+            context.HttpContext.Response.Headers.CacheControl = "public";
 
             // Act
             var tokenSet = antiforgery.GetAndStoreTokens(context.HttpContext);
@@ -344,8 +344,8 @@ public void GetAndStoreTokens_ExistingCachingHeaders_Overriden()
 
             Assert.NotNull(antiforgeryFeature);
             Assert.Equal(context.TestTokenSet.OldCookieToken, antiforgeryFeature.CookieToken);
-            Assert.Equal("no-cache, no-store", context.HttpContext.Response.Headers[HeaderNames.CacheControl]);
-            Assert.Equal("no-cache", context.HttpContext.Response.Headers[HeaderNames.Pragma]);
+            Assert.Equal("no-cache, no-store", context.HttpContext.Response.Headers.CacheControl);
+            Assert.Equal("no-cache", context.HttpContext.Response.Headers.Pragma);
         }
 
         private string GetAndStoreTokens_CacheHeadersArrangeAct(TestSink testSink, string headerName, string headerValue)
@@ -506,8 +506,8 @@ public void GetAndStoreTokens_NoExistingCookieToken_Saved_AndSetsDoNotCacheHeade
             Assert.NotNull(antiforgeryFeature);
             Assert.True(antiforgeryFeature.HaveDeserializedCookieToken);
             Assert.Equal(context.TestTokenSet.OldCookieToken, antiforgeryFeature.CookieToken);
-            Assert.Equal("no-cache, no-store", context.HttpContext.Response.Headers[HeaderNames.CacheControl]);
-            Assert.Equal("no-cache", context.HttpContext.Response.Headers[HeaderNames.Pragma]);
+            Assert.Equal("no-cache, no-store", context.HttpContext.Response.Headers.CacheControl);
+            Assert.Equal("no-cache", context.HttpContext.Response.Headers.Pragma);
         }
 
         [Fact]

src/Antiforgery/test/DefaultAntiforgeryTokenStoreTest.cs

@@ -460,7 +460,7 @@ public void SaveCookieToken_NonNullAntiforgeryOptionsConfigureCookieOptionsDomai
         private HttpContext GetHttpContext(string cookieName, string cookieValue)
         {
             var context = GetHttpContext();
-            context.Request.Headers[HeaderNames.Cookie] = $"{cookieName}={cookieValue}";
+            context.Request.Headers.Cookie = $"{cookieName}={cookieValue}";
             return context;
         }
 

src/Azure/AzureAD/Authentication.AzureADB2C.UI/test/AzureAdB2COpenIDConnectEventHandlersTests.cs

@@ -114,7 +114,7 @@ public async Task OnRemoteError_HandlesResponseWhenTryingToResetPasswordFromTheL
 
             // Assert
             Assert.Equal(StatusCodes.Status302Found, remoteFailureContext.Response.StatusCode);
-            Assert.Equal("/AzureADB2C/Account/ResetPassword/AzureADB2C", remoteFailureContext.Response.Headers[HeaderNames.Location]);
+            Assert.Equal("/AzureADB2C/Account/ResetPassword/AzureADB2C", remoteFailureContext.Response.Headers.Location);
             Assert.True(remoteFailureContext.Result.Handled);
         }
 
@@ -141,7 +141,7 @@ public async Task OnRemoteError_HandlesResponseWhenUserCancelsFlowFromTheAzureAD
 
             // Assert
             Assert.Equal(StatusCodes.Status302Found, remoteFailureContext.Response.StatusCode);
-            Assert.Equal("/", remoteFailureContext.Response.Headers[HeaderNames.Location]);
+            Assert.Equal("/", remoteFailureContext.Response.Headers.Location);
             Assert.True(remoteFailureContext.Result.Handled);
         }
 
@@ -168,7 +168,7 @@ public async Task OnRemoteError_HandlesResponseWhenErrorIsUnknown()
 
             // Assert
             Assert.Equal(StatusCodes.Status302Found, remoteFailureContext.Response.StatusCode);
-            Assert.Equal("/AzureADB2C/Account/Error", remoteFailureContext.Response.Headers[HeaderNames.Location]);
+            Assert.Equal("/AzureADB2C/Account/Error", remoteFailureContext.Response.Headers.Location);
             Assert.True(remoteFailureContext.Result.Handled);
         }
     }

src/Azure/samples/AzureAppServicesHostingStartupSample/Startup.cs

@@ -25,7 +25,7 @@ public void Configure(IApplicationBuilder app, ILoggerFactory loggerfactory)
 
                 await context.Response.WriteAsync("Address:" + Environment.NewLine);
                 await context.Response.WriteAsync("Scheme: " + context.Request.Scheme + Environment.NewLine);
-                await context.Response.WriteAsync("Host: " + context.Request.Headers["Host"] + Environment.NewLine);
+                await context.Response.WriteAsync("Host: " + context.Request.Headers.Host + Environment.NewLine);
                 await context.Response.WriteAsync("PathBase: " + context.Request.PathBase.Value + Environment.NewLine);
                 await context.Response.WriteAsync("Path: " + context.Request.Path.Value + Environment.NewLine);
                 await context.Response.WriteAsync("Query: " + context.Request.QueryString.Value + Environment.NewLine);

src/Azure/samples/AzureAppServicesSample/Startup.cs

@@ -37,7 +37,7 @@ public void Configure(IApplicationBuilder app, ILoggerFactory loggerfactory)
 
                 await context.Response.WriteAsync("Address:" + Environment.NewLine);
                 await context.Response.WriteAsync("Scheme: " + context.Request.Scheme + Environment.NewLine);
-                await context.Response.WriteAsync("Host: " + context.Request.Headers["Host"] + Environment.NewLine);
+                await context.Response.WriteAsync("Host: " + context.Request.Headers.Host + Environment.NewLine);
                 await context.Response.WriteAsync("PathBase: " + context.Request.PathBase.Value + Environment.NewLine);
                 await context.Response.WriteAsync("Path: " + context.Request.Path.Value + Environment.NewLine);
                 await context.Response.WriteAsync("Query: " + context.Request.QueryString.Value + Environment.NewLine);

src/Components/WebAssembly/Server/src/ContentEncodingNegotiator.cs

@@ -41,7 +41,7 @@ public Task InvokeAsync(HttpContext context)
 
         private void NegotiateEncoding(HttpContext context)
         {
-            var accept = context.Request.Headers[HeaderNames.AcceptEncoding];
+            var accept = context.Request.Headers.AcceptEncoding;
 
             if (StringValues.IsNullOrEmpty(accept))
             {
@@ -91,7 +91,7 @@ private void NegotiateEncoding(HttpContext context)
             if (_encodingExtensionMap.TryGetValue(selectedEncoding, out var extension))
             {
                 context.Request.Path = context.Request.Path + extension;
-                context.Response.Headers[HeaderNames.ContentEncoding] = selectedEncoding.Value;
+                context.Response.Headers.ContentEncoding = selectedEncoding.Value;
                 context.Response.Headers.Append(HeaderNames.Vary, HeaderNames.ContentEncoding);
             }
 

src/Components/test/testassets/TestServer/Controllers/PersonController.cs

@@ -34,7 +34,7 @@ public async Task<string> Post()
         [HttpGet("referrer")]
         public string GetReferer()
         {
-            return $"The referrer is: {Request.Headers["Referer"].ToString()}";
+            return $"The referrer is: {Request.Headers.Referer.ToString()}";
         }
 
         // PUT api/person

src/Hosting/Hosting/src/Internal/ErrorPageBuilder.cs

@@ -33,8 +33,8 @@ public static RequestDelegate BuildErrorPageApplication(
             return context =>
             {
                 context.Response.StatusCode = 500;
-                context.Response.Headers[HeaderNames.CacheControl] = "no-cache,no-store";
-                context.Response.Headers[HeaderNames.Pragma] = "no-cache";
+                context.Response.Headers.CacheControl = "no-cache,no-store";
+                context.Response.Headers.Pragma = "no-cache";
                 context.Response.ContentType = "text/html; charset=utf-8";
                 return errorPage.ExecuteAsync(context);
             };

src/Hosting/Hosting/src/Internal/HostingApplicationDiagnostics.cs

@@ -264,15 +264,17 @@ private static void RecordRequestStartEventLog(HttpContext httpContext)
             }
 
             var headers = httpContext.Request.Headers;
-            if (!headers.TryGetValue(HeaderNames.TraceParent, out var requestId))
+            var requestId = headers.TraceParent;
+            if (requestId.Count == 0)
             {
-                headers.TryGetValue(HeaderNames.RequestId, out requestId);
+                requestId = headers.RequestId;
             }
 
             if (!StringValues.IsNullOrEmpty(requestId))
             {
                 activity.SetParentId(requestId);
-                if (headers.TryGetValue(HeaderNames.TraceState, out var traceState))
+                var traceState = headers.TraceState;
+                if (traceState.Count > 0)
                 {
                     activity.TraceStateString = traceState;
                 }

src/Hosting/TestHost/test/ClientHandlerTests.cs

@@ -95,7 +95,7 @@ public Task UserAgentHeaderWorks()
             var userAgent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0";
             var handler = new ClientHandler(new PathString(""), new DummyApplication(context =>
             {
-                var actualResult = context.Request.Headers[HeaderNames.UserAgent];
+                var actualResult = context.Request.Headers.UserAgent;
                 Assert.Equal(userAgent, actualResult);
 
                 return Task.CompletedTask;
@@ -147,7 +147,7 @@ public Task ContentLengthWithImplicitChunkedTransferEncodingWorks()
             {
                 Assert.True(context.Request.CanHaveBody());
                 Assert.Null(context.Request.ContentLength);
-                Assert.Equal("chunked", context.Request.Headers[HeaderNames.TransferEncoding]);
+                Assert.Equal("chunked", context.Request.Headers.TransferEncoding);
 
                 return Task.CompletedTask;
             }));
@@ -164,7 +164,7 @@ public Task ContentLengthWithExplicitChunkedTransferEncodingWorks()
             {
                 Assert.True(context.Request.CanHaveBody());
                 Assert.Null(context.Request.ContentLength);
-                Assert.Equal("chunked", context.Request.Headers[HeaderNames.TransferEncoding]);
+                Assert.Equal("chunked", context.Request.Headers.TransferEncoding);
 
                 return Task.CompletedTask;
             }));

src/Hosting/TestHost/test/HttpContextBuilderTests.cs

@@ -59,10 +59,10 @@ public async Task UserAgentHeaderWorks()
             server.BaseAddress = new Uri("https://example.com/");
             var context = await server.SendAsync(c =>
             {
-                c.Request.Headers[HeaderNames.UserAgent] = userAgent;
+                c.Request.Headers.UserAgent = userAgent;
             });
 
-            var actualResult = context.Request.Headers[HeaderNames.UserAgent];
+            var actualResult = context.Request.Headers.UserAgent;
             Assert.Equal(userAgent, actualResult);
         }
 

src/Hosting/TestHost/test/TestServerTests.cs

@@ -771,7 +771,7 @@ public async Task ExceptionDiagnosticAvailable()
         public async Task ManuallySetHostWinsOverInferredHostFromRequestUri(string uri)
         {
             RequestDelegate appDelegate = ctx =>
-                ctx.Response.WriteAsync(ctx.Request.Headers[HeaderNames.Host]);
+                ctx.Response.WriteAsync(ctx.Request.Headers.Host);
 
             var builder = new WebHostBuilder().Configure(app => app.Run(appDelegate));
             var server = new TestServer(builder);

src/Http/Headers/src/HeaderNames.cs

@@ -283,10 +283,16 @@ public static class HeaderNames
         /// <summary>Gets the <c>X-Frame-Options</c> HTTP header name.</summary>
         public static readonly string XFrameOptions = "X-Frame-Options";
 
+        /// <summary>Gets the <c>X-Powered-By</c> HTTP header name.</summary>
+        public static readonly string XPoweredBy = "X-Powered-By";
+
         /// <summary>Gets the <c>X-Requested-With</c> HTTP header name.</summary>
         public static readonly string XRequestedWith = "X-Requested-With";
 
+        /// <summary>Gets the <c>X-UA-Compatible</c> HTTP header name.</summary>
+        public static readonly string XUACompatible = "X-UA-Compatible";
+
         /// <summary>Gets the <c>X-XSS-Protection</c> HTTP header name.</summary>
-        public static readonly string XXssProtection = "X-XSS-Protection";
+        public static readonly string XXSSProtection = "X-XSS-Protection";
     }
 }

src/Http/Headers/src/PublicAPI.Unshipped.txt

@@ -6,4 +6,6 @@ static readonly Microsoft.Net.Http.Headers.HeaderNames.Baggage -> string!
 static readonly Microsoft.Net.Http.Headers.HeaderNames.Link -> string!
 static readonly Microsoft.Net.Http.Headers.HeaderNames.ProxyConnection -> string!
 static readonly Microsoft.Net.Http.Headers.HeaderNames.XContentTypeOptions -> string!
-static readonly Microsoft.Net.Http.Headers.HeaderNames.XXssProtection -> string!
+static readonly Microsoft.Net.Http.Headers.HeaderNames.XPoweredBy -> string!
+static readonly Microsoft.Net.Http.Headers.HeaderNames.XUACompatible -> string!
+static readonly Microsoft.Net.Http.Headers.HeaderNames.XXSSProtection -> string!

src/Http/Http.Extensions/src/RequestHeaders.cs

@@ -219,11 +219,11 @@ public HostString Host
         {
             get
             {
-                return HostString.FromUriComponent(Headers[HeaderNames.Host]);
+                return HostString.FromUriComponent(Headers.Host);
             }
             set
             {
-                Headers[HeaderNames.Host] = value.ToUriComponent();
+                Headers.Host = value.ToUriComponent();
             }
         }
 
@@ -339,7 +339,7 @@ public Uri? Referer
         {
             get
             {
-                if (Uri.TryCreate(Headers[HeaderNames.Referer], UriKind.RelativeOrAbsolute, out var uri))
+                if (Uri.TryCreate(Headers.Referer, UriKind.RelativeOrAbsolute, out var uri))
                 {
                     return uri;
                 }

src/Http/Http.Extensions/src/ResponseExtensions.cs

@@ -52,7 +52,7 @@ public static void Redirect(this HttpResponse response, string location, bool pe
                 response.StatusCode = permanent ? StatusCodes.Status301MovedPermanently : StatusCodes.Status302Found;
             }
 
-            response.Headers[HeaderNames.Location] = location;
+            response.Headers.Location = location;
         }
     }
 }

src/Http/Http.Extensions/src/ResponseHeaders.cs

@@ -174,7 +174,7 @@ public Uri? Location
         {
             get
             {
-                if (Uri.TryCreate(Headers[HeaderNames.Location], UriKind.RelativeOrAbsolute, out var uri))
+                if (Uri.TryCreate(Headers.Location, UriKind.RelativeOrAbsolute, out var uri))
                 {
                     return uri;
                 }

src/Http/Http.Extensions/test/HeaderDictionaryTypeExtensionsTest.cs

@@ -15,7 +15,7 @@ public class HeaderDictionaryTypeExtensionsTest
         public void GetT_KnownTypeWithValidValue_Success()
         {
             var context = new DefaultHttpContext();
-            context.Request.Headers[HeaderNames.ContentType] = "text/plain";
+            context.Request.Headers.ContentType = "text/plain";
 
             var result = context.Request.GetTypedHeaders().Get<MediaTypeHeaderValue>(HeaderNames.ContentType);
 
@@ -37,7 +37,7 @@ public void GetT_KnownTypeWithMissingValue_Null()
         public void GetT_KnownTypeWithInvalidValue_Null()
         {
             var context = new DefaultHttpContext();
-            context.Request.Headers[HeaderNames.ContentType] = "invalid";
+            context.Request.Headers.ContentType = "invalid";
 
             var result = context.Request.GetTypedHeaders().Get<MediaTypeHeaderValue>(HeaderNames.ContentType);
 
@@ -86,7 +86,7 @@ public void GetT_UnknownTypeWithoutTryParse_Throws()
         public void GetListT_KnownTypeWithValidValue_Success()
         {
             var context = new DefaultHttpContext();
-            context.Request.Headers[HeaderNames.Accept] = "text/plain; q=0.9, text/other, */*";
+            context.Request.Headers.Accept = "text/plain; q=0.9, text/other, */*";
 
             var result = context.Request.GetTypedHeaders().GetList<MediaTypeHeaderValue>(HeaderNames.Accept);
 
@@ -112,7 +112,7 @@ public void GetListT_KnownTypeWithMissingValue_EmptyList()
         public void GetListT_KnownTypeWithInvalidValue_EmptyList()
         {
             var context = new DefaultHttpContext();
-            context.Request.Headers[HeaderNames.Accept] = "invalid";
+            context.Request.Headers.Accept = "invalid";
 
             var result = context.Request.GetTypedHeaders().GetList<MediaTypeHeaderValue>(HeaderNames.Accept);
 

src/Http/Http.Extensions/test/ResponseExtensionTests.cs

@@ -51,7 +51,7 @@ public void Redirect_SetsResponseCorrectly(bool permanent, bool preserveMethod,
 
             context.Response.Redirect(location, permanent, preserveMethod);
 
-            Assert.Equal(location, context.Response.Headers[HeaderNames.Location].First());
+            Assert.Equal(location, context.Response.Headers.Location.First());
             Assert.Equal(expectedStatusCode, context.Response.StatusCode);
         }